Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Allow CA certificates configured as PEM string | Bjørn Christian Seime | 2019-08-21 | 1 | -5/+12 |
| | |||||
* | Reimplement ConfiguredSslContextFactoryProvider as TlsContextBasedProvider | Bjørn Christian Seime | 2019-08-21 | 1 | -34/+27 |
| | | | | | Use the TlsContextBasedProvider to ensure that the endpoint uses the standard TLS settings of Vespa (TLS protocol version, ciphers etc). | ||||
* | Merge pull request #10262 from vespa-engine/bjorncs/http-bindings-cleanup | Bjørn Christian Seime | 2019-08-16 | 1 | -1/+1 |
|\ | | | | | Don't use wildcard scheme in uri patterns | ||||
| * | Don't use wildcard scheme in uri patterns | Bjørn Christian Seime | 2019-08-13 | 1 | -1/+1 |
| | | |||||
* | | Merge pull request #10296 from vespa-engine/bjorncs/nginx-health-check-proxy | Bjørn Christian Seime | 2019-08-15 | 5 | -4/+188 |
|\ \ | | | | | | | Add health check proxy support to jdisc connectors | ||||
| * | | Only allow proxying https ports | Bjørn Christian Seime | 2019-08-15 | 1 | -4/+3 |
| | | | |||||
| * | | Add health check proxy support to jdisc connectors | Bjørn Christian Seime | 2019-08-15 | 5 | -4/+189 |
| | | | | | | | | | | | | | | | | | | | | | | | | Add connector configuration that will transform the connector to a health check proxy for to a different connector, e.g proxying http -> https. This is a required feature to support http-only load balancer health checks when the container is intended to be running in a https-only environment. | ||||
* | | | Merge pull request #10238 from vespa-engine/ogronnesby/propagate-ca-in-config | Øyvind Grønnesby | 2019-08-14 | 1 | -0/+7 |
|\ \ \ | |/ / |/| | | Add the CA certificates to configuration and read it from app package | ||||
| * | | Add the CA certificates to configuration and read it from application package | Øyvind Grønnesby | 2019-08-12 | 1 | -0/+7 |
| |/ | |||||
* | | Fix typo in comment | Bjørn Christian Seime | 2019-08-13 | 1 | -1/+1 |
| | | |||||
* | | Add explicit unit test to verify whitelisted access | Bjørn Christian Seime | 2019-08-13 | 1 | -0/+18 |
| | | |||||
* | | Add Jetty handler that enforces TLS client authentication at http layer | Bjørn Christian Seime | 2019-08-13 | 5 | -11/+137 |
|/ | |||||
* | Fix typo in class name | Bjørn Christian Seime | 2019-07-04 | 1 | -2/+2 |
| | |||||
* | Add SslContextFactoryProvider that uses TlsContex | Bjørn Christian Seime | 2019-07-03 | 4 | -51/+150 |
| | |||||
* | Extend the AutoCloseable interface | Bjørn Christian Seime | 2019-07-03 | 1 | -1/+2 |
| | |||||
* | Rename 'ReloadingTlsContext' -> 'ConfigFiledBasedTlsContext' | Bjørn Christian Seime | 2019-07-03 | 1 | -2/+2 |
| | |||||
* | Some methods in SslContextFactory base class are deprecated | Bjørn Christian Seime | 2019-07-02 | 3 | -3/+3 |
| | | | | Use SslContextFactory.Server instead. | ||||
* | Use new Jetty api for generating set-cookie headers | Bjørn Christian Seime | 2019-07-02 | 3 | -21/+19 |
| | |||||
* | tls config from deploy params | Morten Tokle | 2019-06-24 | 2 | -10/+34 |
| | |||||
* | Revert "mortent/tls config from deploy params" | Morten Tokle | 2019-06-21 | 2 | -34/+10 |
| | |||||
* | enable passing certificate directly in config | andreer | 2019-06-19 | 2 | -10/+34 |
| | |||||
* | Generate certificate in test instead of using pre-generated one | Bjørn Christian Seime | 2019-05-27 | 5 | -124/+38 |
| | |||||
* | Merge pull request #9228 from vespa-engine/balder/mockito-latest-1 | Henning Baldersheim | 2019-04-29 | 28 | -95/+94 |
|\ | | | | | Use latest mockito 1 series. | ||||
| * | Replace use of testng with junit | Bjørn Christian Seime | 2019-04-29 | 28 | -94/+93 |
| | | |||||
| * | Use latest mockito 1 series. | Henning Baldersheim | 2019-04-29 | 1 | -1/+1 |
| | | |||||
* | | Refactor into separate method | Bjørn Christian Seime | 2019-04-29 | 1 | -5/+11 |
| | | |||||
* | | Do not log 404 as warning for 'form-urlencoded' requests | Bjørn Christian Seime | 2019-04-29 | 1 | -0/+1 |
|/ | |||||
* | Revert "Upgrade Jetty to 9.4.16" | Bjørn Christian Seime | 2019-04-15 | 3 | -3/+3 |
| | |||||
* | Upgrade Jetty to 9.4.16 | Bjørn Christian Seime | 2019-04-15 | 3 | -3/+3 |
| | | | | | Use Server subclass as default constructor of SslContextFactory and some methods are marked as deprecated. | ||||
* | Add ssl session id and cipher suite to access log | Bjørn Christian Seime | 2019-04-10 | 2 | -0/+10 |
| | |||||
* | Add scheme as dimension to response metrics | Bjørn Christian Seime | 2019-04-04 | 3 | -65/+112 |
| | |||||
* | Add scheme as dimension to request metrics | Bjørn Christian Seime | 2019-04-04 | 2 | -2/+30 |
| | |||||
* | Don't log invalid requests | Bjørn Christian Seime | 2019-03-15 | 1 | -1/+2 |
| | |||||
* | Add back stopTimeout to connector config | Bjørn Christian Seime | 2019-03-14 | 1 | -0/+4 |
| | |||||
* | Print shutdown timeout | Bjørn Christian Seime | 2019-03-13 | 1 | -1/+1 |
| | |||||
* | Remove stopTimeout from connector config | Bjørn Christian Seime | 2019-03-13 | 3 | -7/+1 |
| | | | | Use global stop timeout from server on all connectors | ||||
* | Add logging of server shutdown | Bjørn Christian Seime | 2019-03-13 | 1 | -0/+6 |
| | |||||
* | Add stop timeout to server config | Bjørn Christian Seime | 2019-03-13 | 3 | -2/+7 |
| | |||||
* | Fix typo in comment | Bjørn Christian Seime | 2019-03-11 | 1 | -1/+1 |
| | |||||
* | Use local port when constructing request uri | Bjørn Christian Seime | 2019-03-11 | 2 | -467/+39 |
| | |||||
* | Avoid NPE in deconstruction | Håkon Hallingstad | 2019-02-27 | 1 | -1/+1 |
| | |||||
* | Add withCertificateEntries() to KeyStoreBuilder | Bjørn Christian Seime | 2019-02-25 | 1 | -5/+3 |
| | |||||
* | Update copyright header. Specify charset | Bjørn Christian Seime | 2019-02-25 | 1 | -2/+3 |
| | |||||
* | Convert JDisc http connectors to https when TLS is configured through env vars | Bjørn Christian Seime | 2019-02-21 | 3 | -12/+93 |
| | |||||
* | Rename {Default => Configured}SslContextFactoryProvider, {Throwing => ↵ | Bjørn Christian Seime | 2019-02-21 | 5 | -101/+101 |
| | | | | | | Default}SslContextFactoryProvider Move SslContextFactoryProvider implementations to 'impl' package. | ||||
* | Explicitly disable hostname verification in the default JDisc SSL setup | Bjørn Christian Seime | 2019-02-20 | 1 | -1/+1 |
| | |||||
* | Populate all access log fields in log() | Bjørn Christian Seime | 2019-02-01 | 3 | -82/+76 |
| | | | | Populate all fields in log() as populateAccessLogEntryFromHttpServletRequest was not guaranteed to be called (e.g. when request headers/uri has invalid encoding). | ||||
* | Merge pull request #8306 from vespa-engine/bjorncs/vespa-http-client | Bjørn Christian Seime | 2019-02-01 | 1 | -7/+13 |
|\ | | | | | Add client version as header to all http requests (MERGEOK) | ||||
| * | Log 'Vespa-Client-Version' header to access log | Bjørn Christian Seime | 2019-02-01 | 1 | -7/+13 |
| | | |||||
* | | Nonfunctional changes only | Jon Bratseth | 2019-01-31 | 2 | -20/+16 |
|/ |